Report: most bots are designed for scalping.
Malicious bots and e-commerce.
DataDome has published a report on e-commerce bot traffic during the 2022 holiday season, finding that bots are growing increasingly capable of imitating human users.
Bots in the US.
Most of the traffic observed by DataDome came from IP addresses in the United States. This doesn’t necessarily mean the spammers are in the US, since they intentionally use IP addresses in the region they intend to target (and the researchers note that most of DataDome’s customers are located in the US).
DataDome states, “The availability of high-quality proxies has made it easy for attackers to leverage IPs from the home location of their target business. And attackers paid premium prices for ISP proxies, proving both the increasing ROI of online fraud, especially scalping, around Black Friday and other limited sales, and the effectiveness of ISP proxies in helping cybercriminals avoid detection by more basic bot mitigation tools and web application firewalls (WAFs).”
Nearly all bots are focused on scalping.
98% of the bots were designed to scrape online retailers’ inventory and buy items to be scalped. The two most targeted sectors were electronics and footwear. The bots were particularly focused on gaming consoles and luxury or limited-edition clothing merchandise:
“Numbering in the billions, scraping bots, considered a gateway automated threat that often leads to more aggressive and damaging attacks, were used to test the availability of products and target the limited infrastructure resources during the busy holiday season. Scalping attacks followed, as fraudsters tried to snag as much inventory as possible to resell for profit later.”